Ok, this does NOT appear to be related (that I can tell) to the .cookie issue! Here is the apache log report:
[Thu Jan 27 17:38:00 2011] [error] [client 11.111.111.111] ModSecurity: Access denied with code 406 (phase 2). Pattern match "\\b(\\d+) ?= ?\\1\\b|[\\'"](\\w+)[\\'"] ?= ?[\\'"]\\2\\b" at REQUEST_HEADERS:Cookie. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "101"] [id "959901"] [msg "SQL Injection Attack"] [data "1=1"] [severity "CRITICAL"] [tag "WEB_ATTACK/SQL_INJECTION"] [hostname "mydomain.com"] [uri "/phpds/index.php"] [unique_id "TUIB2EpW6YIAABOm6z8AAAAT"]
Ok, this does NOT appear to be related (that I can tell) to the .cookie issue! Here is the apache log report:
[Thu Jan 27 17:38:00 2011] [error] [client 11.111.111.111] ModSecurity: Access denied with code 406 (phase 2). Pattern match "\\b(\\d+) ?= ?\\1\\b| [\\'"]( \\w+)[\ \'"] ?= ?[\\'"]\\2\\b" at REQUEST_ HEADERS: Cookie. [file "/usr/local/ apache/ conf/modsec2. user.conf" ] [line "101"] [id "959901"] [msg "SQL Injection Attack"] [data "1=1"] [severity "CRITICAL"] [tag "WEB_ATTACK/ SQL_INJECTION" ] [hostname "mydomain.com"] [uri "/phpds/index.php"] [unique_id "TUIB2EpW6YIAAB Om6z8AAAAT" ]